CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
AI Score
Confidence
High
Software
Hello Elementor
Type
Theme
Vulnerable versions
<= 3.0.0
Fixed in
3.0.1
OWASP Top 10
A1: Broken Access Control
Classification
Cross Site Request Forgery (CSRF)
CVE
CVE-2024-31289
Patch priority
Low
CVSS severity
Low (4.3)
Developer
Claim ownership
PSID
8b6c120716f6
Credits
Dhabaleshwar Das
Required privilege
Unauthenticated
Published
5 April, 2024
Expand full details Have additional information or questions about this entry? Let us know.
This security issue has a low severity impact and is unlikely to be exploited.
Vendor | Product | Version | CPE |
---|---|---|---|
- | hello_elementor | * | cpe:2.3:a:-:hello_elementor:*:*:*:*:*:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
AI Score
Confidence
High